Install_Xfer_OTT_137[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

Install_Xfer_OTT_137.exe
Size

8.0MB
MD5

d37e8c8e92d55af5d4eb031d07544238
SHA1

1b8a72704a8a6b871cc90ac6c72155a9f7779c6a
SHA256

d4e1d3f62a1db904d3ab5c776ddcbb39ac74469e5ca3ed723e3dcef89ebcefeb
SHA512

6a3236fb58dfe8fd502e44910f202323c319f12a6f3dca9f0d67b001a70c58a1838efff58c2f48455b6b09084a2aab12bcc523a5837dbbf4f566de9afc118a67
SSDEEP

196608:+E2a9qG01Uk3Go9DT9+ovDJC21i0hVynPu89M+xkKzl:+doR0173GYDT9+mJC21iMVyPmAdzl

Score

3^/10

Malware Config

Signatures

Unsigned PE 13 IoCs

Checks for missing Authenticode signature.

resource
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/nsDialogs.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/advsplash.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/$_13_/OTT_x64.dll
unpack001/$_57_/rebyter.exe
unpack001/C:/Program Files (x86)/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/Contents/Win32/OTT.aaxplugin
unpack001/C:/Program Files (x86)/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/Contents/x64/OTT.aaxplugin
unpack001/C:/Program Files/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/Contents/Win32/OTT.aaxplugin
unpack001/C:/Program Files/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/Contents/x64/OTT.aaxplugin
unpack001/C:/Program Files/Common Files/VST3/OTT.vst3
unpack001/OTT.dll

Files

Install_Xfer_OTT_137.exe
.exe windows:4 windows x86 arch:x86

6e7f9a29f2c85394521a08b9f31f6275

Code Sign

0d:8e:39:4f:36:06:1f:ef:36:de:c5:2c:04:f6:03:33
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2020, 00:00

Not After

12/05/2023, 12:00

Subject

CN=Stephen Duda,O=Stephen Duda,L=Studio City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

69:2f:88:79:51:57:e2:b0:97:9d:6f:e7:7b:1e:15:3f:ae:8e:e2:6c
Signer

Actual PE Digest

69:2f:88:79:51:57:e2:b0:97:9d:6f:e7:7b:1e:15:3f:ae:8e:e2:6c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW

ole32

OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

user32

GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
SetWindowPos
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu

gdi32

SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject

kernel32

GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
CreateFileW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersion
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
ExitProcess
CopyFileW
GetCurrentProcess
GetModuleFileNameW
GetFileSize
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$LOCALAPPDATA/Xfer/Uninstall_OTT.exe
.exe windows:4 windows x86 arch:x86

6e7f9a29f2c85394521a08b9f31f6275

Code Sign

0d:8e:39:4f:36:06:1f:ef:36:de:c5:2c:04:f6:03:33
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2020, 00:00

Not After

12/05/2023, 12:00

Subject

CN=Stephen Duda,O=Stephen Duda,L=Studio City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6f:a8:b9:c8:32:e8:79:98:71:f4:61:da:14:f6:78:2e:0c:f1:55:47
Signer

Actual PE Digest

6f:a8:b9:c8:32:e8:79:98:71:f4:61:da:14:f6:78:2e:0c:f1:55:47

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW

ole32

OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

user32

GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
SetWindowPos
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu

gdi32

SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject

kernel32

GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
CreateFileW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersion
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
ExitProcess
CopyFileW
GetCurrentProcess
GetModuleFileNameW
GetFileSize
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

6b5c4f7d679059f68f1269aad3a5cecd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
lstrcpyW
MulDiv
lstrlenW
HeapFree
GetCurrentDirectoryW
lstrcmpiW
GetProcessHeap
HeapReAlloc
GlobalFree
lstrcpynW
GlobalAlloc
SetCurrentDirectoryW
HeapAlloc

user32

DestroyWindow
CallWindowProcW
SetCursor
LoadCursorW
GetPropW
CharPrevW
DrawFocusRect
GetWindowLongW
DrawTextW
GetClientRect
SetWindowLongW
GetDlgItem
GetSysColor
SetWindowPos
CreateDialogParamW
MapDialogRect
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
CharNextW
SendMessageW
MapWindowPoints
RemovePropW
GetWindowTextW

gdi32

SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 638B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/advsplash.dll
.dll windows:4 windows x86 arch:x86

4d85954a016da6eba41af38db29369a8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynW
LoadLibraryA
lstrcpyW
lstrcatW
GetProcAddress
GlobalAlloc
GlobalFree

user32

EnumDisplaySettingsW
LoadImageW
BeginPaint
SetWindowLongW
SystemParametersInfoW
EndPaint
GetClientRect
CreateWindowExW
DefWindowProcW
DestroyWindow
IsWindow
GetMessageW
DispatchMessageW
UnregisterClassW
wsprintfW
PostMessageW
SetWindowRgn
RegisterClassW
LoadCursorW
SetWindowPos

gdi32

BitBlt
DeleteDC
DeleteObject
CombineRgn
GetObjectW
GetDIBits
SelectObject
CreateCompatibleDC
CreateRectRgn

winmm

timeSetEvent
PlaySoundW
timeKillEvent

Exports

Exports

show

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

6b5c4f7d679059f68f1269aad3a5cecd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
lstrcpyW
MulDiv
lstrlenW
HeapFree
GetCurrentDirectoryW
lstrcmpiW
GetProcessHeap
HeapReAlloc
GlobalFree
lstrcpynW
GlobalAlloc
SetCurrentDirectoryW
HeapAlloc

user32

DestroyWindow
CallWindowProcW
SetCursor
LoadCursorW
GetPropW
CharPrevW
DrawFocusRect
GetWindowLongW
DrawTextW
GetClientRect
SetWindowLongW
GetDlgItem
GetSysColor
SetWindowPos
CreateDialogParamW
MapDialogRect
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
CharNextW
SendMessageW
MapWindowPoints
RemovePropW
GetWindowTextW

gdi32

SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 638B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/splash.bmp
$_13_/OTT_x64.dll
.dll windows:6 windows x64 arch:x64

61d3b4877af4b8670908947d5cd84a7c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

shell32

SHGetSpecialFolderPathW
ExtractAssociatedIconW
ShellExecuteA
DragQueryFileW
ord74

user32

DestroyMenu
CreatePopupMenu
KillTimer
SetTimer
GetKeyState
AttachThreadInput
GetWindowThreadProcessId
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
PostMessageW
DefWindowProcW
UnregisterClassW
RegisterClassExW
CreateWindowExW
DestroyWindow
SetFocus
GetFocus
GetWindowTextW
GetWindowLongPtrW
SetWindowLongPtrW
EnumWindows
GetDC
AppendMenuW
TrackMouseEvent
GetMessagePos
GetMessageTime
GetMessageExtraInfo
SendMessageW
IsWindow
IsChild
ShowWindow
UpdateLayeredWindow
SetLayeredWindowAttributes
SetWindowPos
GetWindowPlacement
IsWindowVisible
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
GetActiveWindow
GetAsyncKeyState
GetKeyboardState
ToUnicode
MapVirtualKeyW
GetCapture
SetCapture
TrackPopupMenu
SetMenuInfo
SetMenuItemInfoW
ReleaseDC
ReleaseCapture
GetSystemMetrics
GetSystemMenu
EnableMenuItem
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
GetUpdateRgn
InvalidateRect
RegisterClassW
CallWindowProcW
wsprintfW
GetClassNameW
GetWindowInfo
EnumDisplayMonitors
RedrawWindow
SetWindowTextW
GetClientRect
GetWindowRect
MessageBeep
SetCursorPos
SetCursor
GetCursorPos
CreateCaret
DestroyCaret
ShowCaret
SetCaretPos
ScreenToClient
WindowFromPoint
GetWindowLongW
SetWindowLongW
GetDesktopWindow
GetParent
EnumChildWindows
FindWindowW
FindWindowExW
LoadCursorW
DestroyCursor
DestroyIcon
CreateIconIndirect
SystemParametersInfoW
GetMonitorInfoW
GetWindowTextLengthW
MapWindowPoints

kernel32

InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
WaitForSingleObjectEx
GetSystemTimeAsFileTime
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
ResetEvent
GetStartupInfoW
InitializeSListHead
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedFlushSList
SetLastError
RtlUnwind
TlsAlloc
TlsGetValue
WriteConsoleW
TlsSetValue
TlsFree
LoadLibraryExW
GetTimeZoneInformation
CreateThread
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
FindNextFileW
ExitThread
GetFileAttributesW
GetFileAttributesExW
ReadFile
SetEndOfFile
SetFilePointer
WriteFile
GetTempPathW
IsDebuggerPresent
OutputDebugStringW
CloseHandle
SetUnhandledExceptionFilter
GetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
SetEvent
WaitForSingleObject
CreateEventW
Sleep
GetCurrentProcess
ExitProcess
TerminateProcess
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
TerminateThread
SetPriorityClass
GetSystemDirectoryW
FreeLibrary
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
LoadLibraryW
SetThreadAffinityMask
FormatMessageW
GetLocaleInfoW
GetCommandLineW
GetCurrentProcessId
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
MultiByteToWideChar
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceW
GetTickCount
GetVersionExW
LoadLibraryA
GlobalFree
FindResourceA
FreeLibraryAndExitThread
GetFileType
HeapAlloc
HeapFree
HeapReAlloc
GetStdHandle
CompareStringW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsValidCodePage
GetACP
GetOEMCP
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
GetFileSizeEx
SetFilePointerEx
SetStdHandle
FindFirstFileExW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
HeapSize
FlushFileBuffers

gdi32

ExcludeClipRect
CreateRectRgnIndirect
CreateRectRgn
CreateBitmap
CombineRgn
GetKerningPairsW
GetTextMetricsW
SetMapMode
SetMapperFlags
SelectObject
GetRegionData
GetGlyphIndicesW
GetOutlineTextMetricsW
GetGlyphOutlineW
GetDeviceCaps
DeleteObject
DeleteDC
CreateFontIndirectW
CreateCompatibleDC
RestoreDC
SetTextColor
SaveDC
StretchDIBits
CreateDIBSection
AddFontResourceExW
CreateSolidBrush
SetBkColor
RemoveFontMemResourceEx

ole32

GetHGlobalFromStream
CreateStreamOnHGlobal
DoDragDrop
RevokeDragDrop
RegisterDragDrop
OleUninitialize
OleInitialize
CoCreateInstance

winmm

timeGetTime
timeBeginPeriod

imm32

ImmGetContext
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCandidateWindow
ImmReleaseContext

gdiplus

GdipGetLineSpacing
GdipCreateFont
GdipDeleteFont
GdipGetFamily
GdipGetFontStyle
GdipGetFontSize
GdipGetFontHeightGivenDPI
GdipDrawString
GdipMeasureString
GdipCreateHBITMAPFromBitmap
GdipSetLinePresetBlend
GdipCreateLineBrush
GdipSetSolidFillColor
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipSetMatrixElements
GdipCreateBitmapFromScan0
GdipGetCellAscent
GdipCreateMatrix
GdipGetPathWorldBounds
GdipTransformPath
GdipAddPathString
GdipAddPathEllipse
GdipAddPathRectangle
GdipAddPathBezier
GdipAddPathArc
GdipAddPathLine
GdipGetPathLastPoint
GdipClosePathFigure
GdipStartPathFigure
GdipSetPathFillMode
GdipDeletePath
GdipClonePath
GdipCreatePath
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipGetCellDescent
GdipGetEmHeight
GdipCreateMatrix2
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipSetClipRect
GdipDrawImageRectRectI
GdipFillPath
GdipFillEllipse
GdipSetPathGradientCenterColor
GdipGetImageHeight
GdipGetImageWidth
GdipGetGenericFontFamilySansSerif
GdipFillPolygon
GdipFillRectangle
GdipDrawPath
GdipDrawPolygon
GdipDrawEllipse
GdipDrawRectangle
GdipDrawLine
GdipGetDpiY
GdipSetPageUnit
GdipGetWorldTransform
GdipTranslateWorldTransform
GdipSetWorldTransform
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHWND
GdipCreateFromHDC
GdipSetImageAttributesColorMatrix
GdipCreatePathGradientFromPath
GdipCreateImageAttributes
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipIsVisiblePathPoint
GdipCreateBitmapFromResource
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipSetPenDashArray
GdipSetPenDashOffset
GdipSetPenDashStyle
GdipSetPenColor
GdipSetPenLineJoin
GdipSetPenLineCap197819
GdipSetPenWidth
GdipDeletePen
GdipCreatePen1
GdipGetPathGradientPointCount
GdipSetPathGradientCenterPoint
GdipDeleteMatrix
GdipSetPathGradientSurroundColorsWithCount
GdipDisposeImageAttributes
GdipCreateBitmapFromStreamICM

Exports

Exports

VSTPluginMain
main

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 500KB - Virtual size: 499KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 495KB - Virtual size: 494KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_57_/rebyter.exe
.exe windows:6 windows x64 arch:x64

a69a20b85ef89cc149f2c89737acc996

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\matta\Documents\Xfer_dev\FreewareCombo\win\x64\Release\rebyter.pdb

Imports

advapi32

RegGetValueW

msvcp140

?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?uncaught_exception@std@@YA_NXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Syserror_map@std@@YAPEBDH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Winerror_map@std@@YAHH@Z
?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memset
__current_exception_context
__current_exception
memcmp
__C_specific_handler
__std_terminate
__std_exception_copy
__std_exception_destroy
memcpy
_CxxThrowException
memmove

api-ms-win-crt-stdio-l1-1-0

_fseeki64
fsetpos
setvbuf
fgetpos
_set_fmode
__p__commode
__stdio_common_vfwprintf
_open
fputc
_get_stream_buffer_pointers
_read
ungetc
fwrite
fgetc
fflush
ferror
_lseek
__acrt_iob_func
fread
feof
_close
__stdio_common_vsprintf
_write
fseek
fclose
fopen
__stdio_common_vfprintf

api-ms-win-crt-runtime-l1-1-0

_errno
strerror
_invalid_parameter_noinfo_noreturn
terminate
_crt_atexit
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
__p___argv
__p___argc
_register_onexit_function
_exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
exit
_set_app_type
_seh_filter_exe
_initialize_onexit_table

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
_set_new_mode
free

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
___lc_codepage_func

kernel32

RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
LocalFree
FormatMessageA
CreateFileW
GetFileAttributesW
GetFileAttributesExW
SetFileInformationByHandle
GetTempPathW
AreFileApisANSI
CloseHandle
GetLastError
GetFileInformationByHandleEx
WideCharToMultiByte
RtlCaptureContext

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
C:/Program Files (x86)/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/Contents/Win32/OTT.aaxplugin
.dll windows:6 windows x86 arch:x86

b4e2f1fef8cb71d668d97be196d46db5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

SHGetSpecialFolderPathW
ExtractAssociatedIconW
DragQueryFileW
ord74
ShellExecuteA

user32

DestroyMenu
CreatePopupMenu
KillTimer
SetTimer
GetKeyState
RegisterClassW
CallWindowProcW
wsprintfW
GetClassNameW
AttachThreadInput
GetWindowThreadProcessId
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
PostMessageW
DefWindowProcW
UnregisterClassW
RegisterClassExW
CreateWindowExW
DestroyWindow
SetFocus
GetFocus
GetWindowTextW
GetWindowLongW
SetWindowLongW
AppendMenuW
GetDC
ReleaseDC
TrackMouseEvent
GetMessagePos
GetMessageTime
GetMessageExtraInfo
SendMessageW
IsWindow
IsChild
ShowWindow
UpdateLayeredWindow
SetLayeredWindowAttributes
SetWindowPos
GetWindowPlacement
IsWindowVisible
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
GetActiveWindow
GetAsyncKeyState
GetKeyboardState
ToUnicode
MapVirtualKeyW
GetCapture
SetCapture
TrackPopupMenu
SetMenuInfo
SetMenuItemInfoW
EnumWindows
ReleaseCapture
GetSystemMetrics
GetSystemMenu
EnableMenuItem
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
GetUpdateRgn
InvalidateRect
GetWindowInfo
EnumDisplayMonitors
GetMonitorInfoW
SystemParametersInfoW
CreateIconIndirect
RedrawWindow
SetWindowTextW
GetClientRect
GetWindowRect
MessageBeep
SetCursorPos
SetCursor
GetCursorPos
CreateCaret
DestroyCaret
ShowCaret
SetCaretPos
ScreenToClient
WindowFromPoint
GetDesktopWindow
GetParent
EnumChildWindows
FindWindowW
FindWindowExW
LoadCursorW
DestroyCursor
DestroyIcon
MapWindowPoints
GetWindowTextLengthW

kernel32

DecodePointer
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
EncodePointer
LCMapStringEx
GetStringTypeW
RtlUnwind
RaiseException
InterlockedFlushSList
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
WriteConsoleW
LoadLibraryExW
GetTimeZoneInformation
CreateThread
ExitThread
GetCPInfo
FreeLibraryAndExitThread
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
GetFileType
FlushFileBuffers
GetFileAttributesW
GetFileAttributesExW
ReadFile
SetEndOfFile
SetFilePointer
WriteFile
GetTempPathW
IsDebuggerPresent
OutputDebugStringW
CloseHandle
SetUnhandledExceptionFilter
GetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
SetEvent
ReleaseMutex
WaitForSingleObject
CreateMutexW
CreateEventW
Sleep
GetCurrentProcess
ExitProcess
TerminateProcess
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
TerminateThread
SetPriorityClass
GetSystemDirectoryW
FreeLibrary
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
LoadLibraryW
SetThreadAffinityMask
FormatMessageW
GetLocaleInfoW
GetCommandLineW
GetCurrentProcessId
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
GetTickCount
GetVersionExW
LoadResource
LockResource
SizeofResource
LoadLibraryA
GlobalFree
FindResourceA
MultiByteToWideChar
WideCharToMultiByte
FindResourceW
HeapAlloc
HeapFree
HeapReAlloc
GetStdHandle
CompareStringW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsValidCodePage
GetACP
GetOEMCP
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
GetFileSizeEx
SetFilePointerEx
SetStdHandle
FindFirstFileExW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
HeapSize
FindNextFileW

gdi32

CombineRgn
GetKerningPairsW
GetTextMetricsW
SetMapMode
SetMapperFlags
SelectObject
RemoveFontMemResourceEx
GetGlyphIndicesW
CreateBitmap
GetGlyphOutlineW
GetDeviceCaps
DeleteObject
DeleteDC
CreateFontIndirectW
CreateCompatibleDC
SetBkColor
CreateSolidBrush
SetTextColor
AddFontResourceExW
CreateRectRgn
CreateRectRgnIndirect
GetRegionData
ExcludeClipRect
RestoreDC
SaveDC
StretchDIBits
CreateDIBSection
GetOutlineTextMetricsW

ole32

RevokeDragDrop
RegisterDragDrop
OleUninitialize
OleInitialize
CoCreateInstance
CreateStreamOnHGlobal
DoDragDrop
GetHGlobalFromStream

winmm

timeGetTime
timeBeginPeriod

imm32

ImmReleaseContext
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCandidateWindow
ImmGetContext

gdiplus

GdipGetGenericFontFamilySansSerif
GdipGetEmHeight
GdipGetCellAscent
GdipGetCellDescent
GdipGetLineSpacing
GdipCreateFont
GdipDeleteFont
GdipGetFamily
GdipGetFontStyle
GdipGetFontSize
GdipGetFontHeightGivenDPI
GdipDrawString
GdipMeasureString
GdipCloneBrush
GdipSetMatrixElements
GdipDisposeImage
GdipCreateFontFamilyFromName
GdipCreateMatrix
GdipFillEllipse
GdipGetPathWorldBounds
GdipTransformPath
GdipAddPathString
GdipAddPathEllipse
GdipAddPathRectangle
GdipAddPathBezier
GdipAddPathArc
GdipAddPathLine
GdipGetPathLastPoint
GdipClosePathFigure
GdipStartPathFigure
GdipSetPathFillMode
GdipDeletePath
GdipClonePath
GdipCreatePath
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDeleteFontFamily
GdipSetClipRect
GdipDrawImageRectRectI
GdipCreateMatrix2
GdipFillPolygon
GdipFillRectangle
GdipDrawPath
GdipDrawPolygon
GdipDrawEllipse
GdipDrawRectangle
GdipCloneImage
GdipSetPenDashArray
GdipSetPenDashOffset
GdipSetPenDashStyle
GdipFillPath
GdipDrawLine
GdipGetDpiY
GdipSetPageUnit
GdipGetWorldTransform
GdipTranslateWorldTransform
GdipSetWorldTransform
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHWND
GdipCreateBitmapFromScan0
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromResource
GdipDeleteBrush
GdipGetImageGraphicsContext
GdipCreateBitmapFromStreamICM
GdipGetImageHeight
GdipIsVisiblePathPoint
GdipGetImageWidth
GdipSetPenColor
GdipSetPenLineJoin
GdipSetPenLineCap197819
GdipSetPenWidth
GdipDeletePen
GdipCreatePen1
GdipGetPathGradientPointCount
GdipSetPathGradientCenterPoint
GdipSetPathGradientSurroundColorsWithCount
GdipSetPathGradientCenterColor
GdipCreatePathGradientFromPath
GdipSetLinePresetBlend
GdipCreateLineBrush
GdipSetSolidFillColor
GdipDeleteMatrix
GdipCreateSolidFill
GdipCreateHBITMAPFromBitmap
GdipCreateFromHDC

Exports

Exports

VSTPluginMain
_ACFCanUnloadNow@4
_ACFGetClassFactory@16
_ACFGetSDKVersion@4
_ACFRegisterComponent@12
_ACFRegisterPlugin@8
_ACFShutdown@4
_ACFStartup@4
main

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 495KB - Virtual size: 494KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
C:/Program Files (x86)/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/Contents/x64/OTT.aaxplugin
.dll windows:6 windows x64 arch:x64

de49250d133e32e6af16efcff25bd4be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

shell32

SHGetSpecialFolderPathW
ExtractAssociatedIconW
DragQueryFileW
ord74
ShellExecuteA

user32

DestroyMenu
CreatePopupMenu
KillTimer
SetTimer
GetKeyState
RegisterClassW
AttachThreadInput
GetWindowThreadProcessId
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
PostMessageW
DefWindowProcW
UnregisterClassW
RegisterClassExW
CreateWindowExW
DestroyWindow
SetFocus
GetFocus
GetWindowTextW
GetWindowLongPtrW
SetWindowLongPtrW
EnumWindows
GetDC
AppendMenuW
TrackMouseEvent
GetMessagePos
GetMessageTime
GetMessageExtraInfo
SendMessageW
IsWindow
IsChild
ShowWindow
UpdateLayeredWindow
SetLayeredWindowAttributes
SetWindowPos
GetWindowPlacement
IsWindowVisible
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
GetActiveWindow
GetAsyncKeyState
GetKeyboardState
ToUnicode
MapVirtualKeyW
GetCapture
SetCapture
TrackPopupMenu
SetMenuInfo
SetMenuItemInfoW
ReleaseDC
ReleaseCapture
GetSystemMetrics
GetSystemMenu
EnableMenuItem
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
GetUpdateRgn
InvalidateRect
CallWindowProcW
wsprintfW
GetClassNameW
GetWindowInfo
EnumDisplayMonitors
GetMonitorInfoW
RedrawWindow
SetWindowTextW
GetClientRect
GetWindowRect
MessageBeep
SetCursorPos
SetCursor
GetCursorPos
CreateCaret
DestroyCaret
ShowCaret
SetCaretPos
ScreenToClient
WindowFromPoint
GetWindowLongW
SetWindowLongW
GetDesktopWindow
GetParent
EnumChildWindows
FindWindowW
FindWindowExW
LoadCursorW
DestroyCursor
DestroyIcon
CreateIconIndirect
SystemParametersInfoW
GetWindowTextLengthW
MapWindowPoints

kernel32

DecodePointer
EncodePointer
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
WaitForSingleObjectEx
ResetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LCMapStringEx
GetStringTypeW
GetCPInfo
RtlUnwindEx
RaiseException
InterlockedFlushSList
SetLastError
RtlUnwind
TlsAlloc
TlsGetValue
WriteConsoleW
TlsSetValue
TlsFree
LoadLibraryExW
GetTimeZoneInformation
CreateThread
ExitThread
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
FlushFileBuffers
GetFileAttributesW
GetFileAttributesExW
ReadFile
SetEndOfFile
SetFilePointer
WriteFile
GetTempPathW
IsDebuggerPresent
OutputDebugStringW
CloseHandle
SetUnhandledExceptionFilter
GetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
SetEvent
ReleaseMutex
WaitForSingleObject
CreateMutexW
CreateEventW
Sleep
GetCurrentProcess
ExitProcess
TerminateProcess
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
TerminateThread
SetPriorityClass
GetSystemDirectoryW
FreeLibrary
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
LoadLibraryW
SetThreadAffinityMask
FormatMessageW
GetLocaleInfoW
GetCommandLineW
GetCurrentProcessId
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
GetTickCount
GetVersionExW
LoadResource
LockResource
SizeofResource
LoadLibraryA
GlobalFree
FindResourceA
MultiByteToWideChar
WideCharToMultiByte
FindResourceW
RtlPcToFileHeader
FreeLibraryAndExitThread
GetFileType
HeapAlloc
HeapFree
HeapReAlloc
GetStdHandle
CompareStringW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsValidCodePage
GetACP
GetOEMCP
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
GetFileSizeEx
SetFilePointerEx
SetStdHandle
FindFirstFileExW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
HeapSize
FindNextFileW

gdi32

CreateRectRgnIndirect
CreateRectRgn
CreateBitmap
CombineRgn
GetKerningPairsW
GetTextMetricsW
SetMapMode
SetMapperFlags
SelectObject
ExcludeClipRect
GetGlyphIndicesW
GetOutlineTextMetricsW
GetGlyphOutlineW
GetDeviceCaps
DeleteObject
DeleteDC
CreateFontIndirectW
CreateCompatibleDC
AddFontResourceExW
GetRegionData
RestoreDC
SaveDC
StretchDIBits
CreateDIBSection
CreateSolidBrush
SetBkColor
SetTextColor
RemoveFontMemResourceEx

ole32

GetHGlobalFromStream
CreateStreamOnHGlobal
DoDragDrop
RevokeDragDrop
RegisterDragDrop
CoCreateInstance
OleUninitialize
OleInitialize

winmm

timeGetTime
timeBeginPeriod

imm32

ImmReleaseContext
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCandidateWindow
ImmGetContext

gdiplus

GdipGetCellDescent
GdipGetLineSpacing
GdipCreateFont
GdipDeleteFont
GdipGetFamily
GdipGetFontStyle
GdipGetFontSize
GdipGetFontHeightGivenDPI
GdipDrawString
GdipMeasureString
GdipCreateBitmapFromScan0
GdipCreateLineBrush
GdipSetSolidFillColor
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipSetMatrixElements
GdipCreateBitmapFromStreamICM
GdipGetEmHeight
GdipCreateMatrix
GdipDeleteFontFamily
GdipGetPathWorldBounds
GdipTransformPath
GdipAddPathString
GdipAddPathEllipse
GdipAddPathRectangle
GdipAddPathBezier
GdipAddPathArc
GdipAddPathLine
GdipGetPathLastPoint
GdipClosePathFigure
GdipStartPathFigure
GdipSetPathFillMode
GdipDeletePath
GdipClonePath
GdipCreatePath
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipGetCellAscent
GdipGetGenericFontFamilySansSerif
GdipCreateMatrix2
GdipCreateFontFamilyFromName
GdipSetClipRect
GdipDrawImageRectRectI
GdipFillPath
GdipFillEllipse
GdipFillPolygon
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipFillRectangle
GdipDrawPath
GdipDrawPolygon
GdipDrawEllipse
GdipDrawRectangle
GdipDrawLine
GdipGetDpiY
GdipSetPageUnit
GdipGetWorldTransform
GdipTranslateWorldTransform
GdipSetWorldTransform
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHWND
GdipCreateFromHDC
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipSetLinePresetBlend
GdipCreatePathGradientFromPath
GdipBitmapLockBits
GdipCreateBitmapFromResource
GdipIsVisiblePathPoint
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdipCloneImage
GdipSetPenDashArray
GdipSetPenDashOffset
GdipSetPenDashStyle
GdipSetPenColor
GdipSetPenLineJoin
GdipSetPenLineCap197819
GdipSetPenWidth
GdipDeletePen
GdipCreatePen1
GdipGetPathGradientPointCount
GdipSetPathGradientCenterPoint
GdipSetPathGradientSurroundColorsWithCount
GdipDeleteMatrix
GdipSetPathGradientCenterColor
GdipCreateImageAttributes
GdipBitmapUnlockBits

Exports

Exports

ACFCanUnloadNow
ACFGetClassFactory
ACFGetSDKVersion
ACFRegisterComponent
ACFRegisterPlugin
ACFShutdown
ACFStartup
VSTPluginMain
main

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 527KB - Virtual size: 526KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 495KB - Virtual size: 494KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
C:/Program Files (x86)/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/PlugIn.ico
C:/Program Files (x86)/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/desktop.ini
C:/Program Files/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/Contents/Win32/OTT.aaxplugin
.dll windows:6 windows x86 arch:x86

b4e2f1fef8cb71d668d97be196d46db5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

SHGetSpecialFolderPathW
ExtractAssociatedIconW
DragQueryFileW
ord74
ShellExecuteA

user32

DestroyMenu
CreatePopupMenu
KillTimer
SetTimer
GetKeyState
RegisterClassW
CallWindowProcW
wsprintfW
GetClassNameW
AttachThreadInput
GetWindowThreadProcessId
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
PostMessageW
DefWindowProcW
UnregisterClassW
RegisterClassExW
CreateWindowExW
DestroyWindow
SetFocus
GetFocus
GetWindowTextW
GetWindowLongW
SetWindowLongW
AppendMenuW
GetDC
ReleaseDC
TrackMouseEvent
GetMessagePos
GetMessageTime
GetMessageExtraInfo
SendMessageW
IsWindow
IsChild
ShowWindow
UpdateLayeredWindow
SetLayeredWindowAttributes
SetWindowPos
GetWindowPlacement
IsWindowVisible
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
GetActiveWindow
GetAsyncKeyState
GetKeyboardState
ToUnicode
MapVirtualKeyW
GetCapture
SetCapture
TrackPopupMenu
SetMenuInfo
SetMenuItemInfoW
EnumWindows
ReleaseCapture
GetSystemMetrics
GetSystemMenu
EnableMenuItem
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
GetUpdateRgn
InvalidateRect
GetWindowInfo
EnumDisplayMonitors
GetMonitorInfoW
SystemParametersInfoW
CreateIconIndirect
RedrawWindow
SetWindowTextW
GetClientRect
GetWindowRect
MessageBeep
SetCursorPos
SetCursor
GetCursorPos
CreateCaret
DestroyCaret
ShowCaret
SetCaretPos
ScreenToClient
WindowFromPoint
GetDesktopWindow
GetParent
EnumChildWindows
FindWindowW
FindWindowExW
LoadCursorW
DestroyCursor
DestroyIcon
MapWindowPoints
GetWindowTextLengthW

kernel32

DecodePointer
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
EncodePointer
LCMapStringEx
GetStringTypeW
RtlUnwind
RaiseException
InterlockedFlushSList
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
WriteConsoleW
LoadLibraryExW
GetTimeZoneInformation
CreateThread
ExitThread
GetCPInfo
FreeLibraryAndExitThread
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
GetFileType
FlushFileBuffers
GetFileAttributesW
GetFileAttributesExW
ReadFile
SetEndOfFile
SetFilePointer
WriteFile
GetTempPathW
IsDebuggerPresent
OutputDebugStringW
CloseHandle
SetUnhandledExceptionFilter
GetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
SetEvent
ReleaseMutex
WaitForSingleObject
CreateMutexW
CreateEventW
Sleep
GetCurrentProcess
ExitProcess
TerminateProcess
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
TerminateThread
SetPriorityClass
GetSystemDirectoryW
FreeLibrary
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
LoadLibraryW
SetThreadAffinityMask
FormatMessageW
GetLocaleInfoW
GetCommandLineW
GetCurrentProcessId
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
GetTickCount
GetVersionExW
LoadResource
LockResource
SizeofResource
LoadLibraryA
GlobalFree
FindResourceA
MultiByteToWideChar
WideCharToMultiByte
FindResourceW
HeapAlloc
HeapFree
HeapReAlloc
GetStdHandle
CompareStringW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsValidCodePage
GetACP
GetOEMCP
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
GetFileSizeEx
SetFilePointerEx
SetStdHandle
FindFirstFileExW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
HeapSize
FindNextFileW

gdi32

CombineRgn
GetKerningPairsW
GetTextMetricsW
SetMapMode
SetMapperFlags
SelectObject
RemoveFontMemResourceEx
GetGlyphIndicesW
CreateBitmap
GetGlyphOutlineW
GetDeviceCaps
DeleteObject
DeleteDC
CreateFontIndirectW
CreateCompatibleDC
SetBkColor
CreateSolidBrush
SetTextColor
AddFontResourceExW
CreateRectRgn
CreateRectRgnIndirect
GetRegionData
ExcludeClipRect
RestoreDC
SaveDC
StretchDIBits
CreateDIBSection
GetOutlineTextMetricsW

ole32

RevokeDragDrop
RegisterDragDrop
OleUninitialize
OleInitialize
CoCreateInstance
CreateStreamOnHGlobal
DoDragDrop
GetHGlobalFromStream

winmm

timeGetTime
timeBeginPeriod

imm32

ImmReleaseContext
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCandidateWindow
ImmGetContext

gdiplus

GdipGetGenericFontFamilySansSerif
GdipGetEmHeight
GdipGetCellAscent
GdipGetCellDescent
GdipGetLineSpacing
GdipCreateFont
GdipDeleteFont
GdipGetFamily
GdipGetFontStyle
GdipGetFontSize
GdipGetFontHeightGivenDPI
GdipDrawString
GdipMeasureString
GdipCloneBrush
GdipSetMatrixElements
GdipDisposeImage
GdipCreateFontFamilyFromName
GdipCreateMatrix
GdipFillEllipse
GdipGetPathWorldBounds
GdipTransformPath
GdipAddPathString
GdipAddPathEllipse
GdipAddPathRectangle
GdipAddPathBezier
GdipAddPathArc
GdipAddPathLine
GdipGetPathLastPoint
GdipClosePathFigure
GdipStartPathFigure
GdipSetPathFillMode
GdipDeletePath
GdipClonePath
GdipCreatePath
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDeleteFontFamily
GdipSetClipRect
GdipDrawImageRectRectI
GdipCreateMatrix2
GdipFillPolygon
GdipFillRectangle
GdipDrawPath
GdipDrawPolygon
GdipDrawEllipse
GdipDrawRectangle
GdipCloneImage
GdipSetPenDashArray
GdipSetPenDashOffset
GdipSetPenDashStyle
GdipFillPath
GdipDrawLine
GdipGetDpiY
GdipSetPageUnit
GdipGetWorldTransform
GdipTranslateWorldTransform
GdipSetWorldTransform
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHWND
GdipCreateBitmapFromScan0
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromResource
GdipDeleteBrush
GdipGetImageGraphicsContext
GdipCreateBitmapFromStreamICM
GdipGetImageHeight
GdipIsVisiblePathPoint
GdipGetImageWidth
GdipSetPenColor
GdipSetPenLineJoin
GdipSetPenLineCap197819
GdipSetPenWidth
GdipDeletePen
GdipCreatePen1
GdipGetPathGradientPointCount
GdipSetPathGradientCenterPoint
GdipSetPathGradientSurroundColorsWithCount
GdipSetPathGradientCenterColor
GdipCreatePathGradientFromPath
GdipSetLinePresetBlend
GdipCreateLineBrush
GdipSetSolidFillColor
GdipDeleteMatrix
GdipCreateSolidFill
GdipCreateHBITMAPFromBitmap
GdipCreateFromHDC

Exports

Exports

VSTPluginMain
_ACFCanUnloadNow@4
_ACFGetClassFactory@16
_ACFGetSDKVersion@4
_ACFRegisterComponent@12
_ACFRegisterPlugin@8
_ACFShutdown@4
_ACFStartup@4
main

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 495KB - Virtual size: 494KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
C:/Program Files/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/Contents/x64/OTT.aaxplugin
.dll windows:6 windows x64 arch:x64

de49250d133e32e6af16efcff25bd4be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

shell32

SHGetSpecialFolderPathW
ExtractAssociatedIconW
DragQueryFileW
ord74
ShellExecuteA

user32

DestroyMenu
CreatePopupMenu
KillTimer
SetTimer
GetKeyState
RegisterClassW
AttachThreadInput
GetWindowThreadProcessId
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
PostMessageW
DefWindowProcW
UnregisterClassW
RegisterClassExW
CreateWindowExW
DestroyWindow
SetFocus
GetFocus
GetWindowTextW
GetWindowLongPtrW
SetWindowLongPtrW
EnumWindows
GetDC
AppendMenuW
TrackMouseEvent
GetMessagePos
GetMessageTime
GetMessageExtraInfo
SendMessageW
IsWindow
IsChild
ShowWindow
UpdateLayeredWindow
SetLayeredWindowAttributes
SetWindowPos
GetWindowPlacement
IsWindowVisible
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
GetActiveWindow
GetAsyncKeyState
GetKeyboardState
ToUnicode
MapVirtualKeyW
GetCapture
SetCapture
TrackPopupMenu
SetMenuInfo
SetMenuItemInfoW
ReleaseDC
ReleaseCapture
GetSystemMetrics
GetSystemMenu
EnableMenuItem
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
GetUpdateRgn
InvalidateRect
CallWindowProcW
wsprintfW
GetClassNameW
GetWindowInfo
EnumDisplayMonitors
GetMonitorInfoW
RedrawWindow
SetWindowTextW
GetClientRect
GetWindowRect
MessageBeep
SetCursorPos
SetCursor
GetCursorPos
CreateCaret
DestroyCaret
ShowCaret
SetCaretPos
ScreenToClient
WindowFromPoint
GetWindowLongW
SetWindowLongW
GetDesktopWindow
GetParent
EnumChildWindows
FindWindowW
FindWindowExW
LoadCursorW
DestroyCursor
DestroyIcon
CreateIconIndirect
SystemParametersInfoW
GetWindowTextLengthW
MapWindowPoints

kernel32

DecodePointer
EncodePointer
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
WaitForSingleObjectEx
ResetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LCMapStringEx
GetStringTypeW
GetCPInfo
RtlUnwindEx
RaiseException
InterlockedFlushSList
SetLastError
RtlUnwind
TlsAlloc
TlsGetValue
WriteConsoleW
TlsSetValue
TlsFree
LoadLibraryExW
GetTimeZoneInformation
CreateThread
ExitThread
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
FlushFileBuffers
GetFileAttributesW
GetFileAttributesExW
ReadFile
SetEndOfFile
SetFilePointer
WriteFile
GetTempPathW
IsDebuggerPresent
OutputDebugStringW
CloseHandle
SetUnhandledExceptionFilter
GetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
SetEvent
ReleaseMutex
WaitForSingleObject
CreateMutexW
CreateEventW
Sleep
GetCurrentProcess
ExitProcess
TerminateProcess
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
TerminateThread
SetPriorityClass
GetSystemDirectoryW
FreeLibrary
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
LoadLibraryW
SetThreadAffinityMask
FormatMessageW
GetLocaleInfoW
GetCommandLineW
GetCurrentProcessId
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
GetTickCount
GetVersionExW
LoadResource
LockResource
SizeofResource
LoadLibraryA
GlobalFree
FindResourceA
MultiByteToWideChar
WideCharToMultiByte
FindResourceW
RtlPcToFileHeader
FreeLibraryAndExitThread
GetFileType
HeapAlloc
HeapFree
HeapReAlloc
GetStdHandle
CompareStringW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsValidCodePage
GetACP
GetOEMCP
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
GetFileSizeEx
SetFilePointerEx
SetStdHandle
FindFirstFileExW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
HeapSize
FindNextFileW

gdi32

CreateRectRgnIndirect
CreateRectRgn
CreateBitmap
CombineRgn
GetKerningPairsW
GetTextMetricsW
SetMapMode
SetMapperFlags
SelectObject
ExcludeClipRect
GetGlyphIndicesW
GetOutlineTextMetricsW
GetGlyphOutlineW
GetDeviceCaps
DeleteObject
DeleteDC
CreateFontIndirectW
CreateCompatibleDC
AddFontResourceExW
GetRegionData
RestoreDC
SaveDC
StretchDIBits
CreateDIBSection
CreateSolidBrush
SetBkColor
SetTextColor
RemoveFontMemResourceEx

ole32

GetHGlobalFromStream
CreateStreamOnHGlobal
DoDragDrop
RevokeDragDrop
RegisterDragDrop
CoCreateInstance
OleUninitialize
OleInitialize

winmm

timeGetTime
timeBeginPeriod

imm32

ImmReleaseContext
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCandidateWindow
ImmGetContext

gdiplus

GdipGetCellDescent
GdipGetLineSpacing
GdipCreateFont
GdipDeleteFont
GdipGetFamily
GdipGetFontStyle
GdipGetFontSize
GdipGetFontHeightGivenDPI
GdipDrawString
GdipMeasureString
GdipCreateBitmapFromScan0
GdipCreateLineBrush
GdipSetSolidFillColor
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipSetMatrixElements
GdipCreateBitmapFromStreamICM
GdipGetEmHeight
GdipCreateMatrix
GdipDeleteFontFamily
GdipGetPathWorldBounds
GdipTransformPath
GdipAddPathString
GdipAddPathEllipse
GdipAddPathRectangle
GdipAddPathBezier
GdipAddPathArc
GdipAddPathLine
GdipGetPathLastPoint
GdipClosePathFigure
GdipStartPathFigure
GdipSetPathFillMode
GdipDeletePath
GdipClonePath
GdipCreatePath
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipGetCellAscent
GdipGetGenericFontFamilySansSerif
GdipCreateMatrix2
GdipCreateFontFamilyFromName
GdipSetClipRect
GdipDrawImageRectRectI
GdipFillPath
GdipFillEllipse
GdipFillPolygon
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipFillRectangle
GdipDrawPath
GdipDrawPolygon
GdipDrawEllipse
GdipDrawRectangle
GdipDrawLine
GdipGetDpiY
GdipSetPageUnit
GdipGetWorldTransform
GdipTranslateWorldTransform
GdipSetWorldTransform
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHWND
GdipCreateFromHDC
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipSetLinePresetBlend
GdipCreatePathGradientFromPath
GdipBitmapLockBits
GdipCreateBitmapFromResource
GdipIsVisiblePathPoint
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdipCloneImage
GdipSetPenDashArray
GdipSetPenDashOffset
GdipSetPenDashStyle
GdipSetPenColor
GdipSetPenLineJoin
GdipSetPenLineCap197819
GdipSetPenWidth
GdipDeletePen
GdipCreatePen1
GdipGetPathGradientPointCount
GdipSetPathGradientCenterPoint
GdipSetPathGradientSurroundColorsWithCount
GdipDeleteMatrix
GdipSetPathGradientCenterColor
GdipCreateImageAttributes
GdipBitmapUnlockBits

Exports

Exports

ACFCanUnloadNow
ACFGetClassFactory
ACFGetSDKVersion
ACFRegisterComponent
ACFRegisterPlugin
ACFShutdown
ACFStartup
VSTPluginMain
main

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 527KB - Virtual size: 526KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 495KB - Virtual size: 494KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
C:/Program Files/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/PlugIn.ico
C:/Program Files/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/desktop.ini
C:/Program Files/Common Files/VST3/OTT.vst3
.dll windows:6 windows x64 arch:x64

b9074a380f2607420c99849afbf38b90

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

shell32

ord74
DragQueryFileW
ShellExecuteA
ExtractAssociatedIconW
SHGetSpecialFolderPathW

user32

DispatchMessageW
PeekMessageW
PostMessageW
DefWindowProcW
UnregisterClassW
RegisterClassExW
SetFocus
MapWindowPoints
GetWindowTextLengthW
SetMenuItemInfoW
SetMenuInfo
TrackPopupMenu
AppendMenuW
GetFocus
GetWindowTextW
GetWindowLongPtrW
SetWindowLongPtrW
EnumWindows
GetDC
ReleaseDC
TrackMouseEvent
GetMessagePos
GetMessageTime
GetMessageExtraInfo
SendMessageW
IsWindow
IsChild
ShowWindow
UpdateLayeredWindow
TranslateMessage
SetWindowPos
GetWindowPlacement
IsWindowVisible
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
GetActiveWindow
GetAsyncKeyState
GetKeyboardState
ToUnicode
MapVirtualKeyW
GetCapture
SetCapture
ReleaseCapture
GetSystemMetrics
GetSystemMenu
EnableMenuItem
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
GetUpdateRgn
InvalidateRect
RedrawWindow
SetWindowTextW
GetClientRect
GetWindowRect
GetMessageW
GetWindowThreadProcessId
AttachThreadInput
SetLayeredWindowAttributes
MessageBeep
SetCursorPos
SetCursor
GetCursorPos
CreateCaret
DestroyCaret
ShowCaret
SetCaretPos
ScreenToClient
DestroyMenu
CreatePopupMenu
GetKeyState
RegisterClassW
CallWindowProcW
WindowFromPoint
GetWindowLongW
SetWindowLongW
GetDesktopWindow
GetParent
EnumChildWindows
FindWindowW
FindWindowExW
LoadCursorW
DestroyCursor
DestroyIcon
CreateIconIndirect
SystemParametersInfoW
GetMonitorInfoW
EnumDisplayMonitors
GetWindowInfo
SetTimer
KillTimer
GetClassNameW
wsprintfW
CreateWindowExW
DestroyWindow

kernel32

RtlUnwind
SetLastError
InterlockedFlushSList
RaiseException
RtlPcToFileHeader
RtlUnwindEx
GetCPInfo
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
TlsGetValue
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
TlsAlloc
TlsSetValue
TlsFree
LoadLibraryExW
GetTimeZoneInformation
ExitThread
FreeLibraryAndExitThread
GetFileType
HeapAlloc
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
DeleteFileW
HeapFree
FindNextFileW
FlushFileBuffers
GetFileAttributesW
GetFileAttributesExW
ReadFile
RemoveDirectoryW
SetEndOfFile
SetFilePointer
WriteFile
GetTempPathW
IsDebuggerPresent
OutputDebugStringW
CloseHandle
SetUnhandledExceptionFilter
GetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
SetEvent
WaitForSingleObject
CreateEventW
Sleep
GetCurrentProcess
ExitProcess
TerminateProcess
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
TerminateThread
SetPriorityClass
GetSystemDirectoryW
FreeLibrary
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
LoadLibraryW
SetThreadAffinityMask
FormatMessageW
GetLocaleInfoW
GetCommandLineW
GetCurrentProcessId
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
ResetEvent
GetTickCount64
MultiByteToWideChar
WideCharToMultiByte
GetTickCount
GetVersionExW
LoadResource
LockResource
SizeofResource
LoadLibraryA
GlobalFree
FindResourceA
FindResourceW
HeapReAlloc
GetStdHandle
CompareStringW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsValidCodePage
GetACP
GetOEMCP
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
GetFileSizeEx
SetFilePointerEx
SetStdHandle
FindFirstFileExW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
HeapSize
CreateThread
FindClose
WriteConsoleW

gdi32

StretchDIBits
SaveDC
RestoreDC
GetRegionData
ExcludeClipRect
CreateRectRgnIndirect
CreateRectRgn
CreateBitmap
CombineRgn
CreateSolidBrush
GetTextMetricsW
SetMapMode
SetMapperFlags
SelectObject
RemoveFontMemResourceEx
GetGlyphIndicesW
GetOutlineTextMetricsW
GetGlyphOutlineW
GetDeviceCaps
DeleteObject
DeleteDC
CreateFontIndirectW
CreateCompatibleDC
CreateDIBSection
SetBkColor
SetTextColor
AddFontResourceExW
RemoveFontResourceExW
GetKerningPairsW

ole32

CoCreateInstance
OleInitialize
OleUninitialize
RegisterDragDrop
RevokeDragDrop
GetHGlobalFromStream
CreateStreamOnHGlobal
CoCreateGuid
DoDragDrop

winmm

timeGetTime
timeBeginPeriod

imm32

ImmReleaseContext
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCandidateWindow
ImmGetContext

gdiplus

GdipGetEmHeight
GdipGetCellAscent
GdipGetCellDescent
GdipGetLineSpacing
GdipCreateFont
GdipDeleteFont
GdipGetFamily
GdipGetFontStyle
GdipGetFontSize
GdipGetFontHeightGivenDPI
GdipDrawString
GdipMeasureString
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipSetMatrixElements
GdipDeleteMatrix
GdipCreateMatrix
GdipDrawImageRectRectI
GdipGetPathWorldBounds
GdipTransformPath
GdipAddPathString
GdipAddPathEllipse
GdipAddPathRectangle
GdipAddPathBezier
GdipAddPathArc
GdipAddPathLine
GdipGetPathLastPoint
GdipClosePathFigure
GdipStartPathFigure
GdipSetPathFillMode
GdipDeletePath
GdipClonePath
GdipCreatePath
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipGetImageHeight
GdipFillPath
GdipFillEllipse
GdipFillPolygon
GdipFillRectangle
GdipDrawPath
GdipDrawPolygon
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipSetClipRect
GdipDrawEllipse
GdipDrawRectangle
GdipDrawLine
GdipGetDpiY
GdipSetPageUnit
GdipGetWorldTransform
GdipTranslateWorldTransform
GdipSetWorldTransform
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHWND
GdipCreateFromHDC
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromResource
GdipCreateHBITMAPFromBitmap
GdipSetSolidFillColor
GdipCreateBitmapFromStreamICM
GdipIsVisiblePathPoint
GdipSetPenDashArray
GdipSetPenDashOffset
GdipSetPenDashStyle
GdipSetPenColor
GdipSetPenLineJoin
GdipSetPenLineCap197819
GdipSetPenWidth
GdipDeletePen
GdipCreatePen1
GdipGetPathGradientPointCount
GdipSetPathGradientCenterPoint
GdipSetPathGradientSurroundColorsWithCount
GdipSetPathGradientCenterColor
GdipCreatePathGradientFromPath
GdipSetLinePresetBlend
GdipCreateMatrix2
GdipCreateLineBrush
GdipCreateBitmapFromScan0

Exports

Exports

ExitDll
GetPluginFactory
InitDll

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 520KB - Virtual size: 520KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 495KB - Virtual size: 494KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OTT.dll
.dll windows:6 windows x86 arch:x86

af2300083eff180114023180ed206d72

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

SHGetSpecialFolderPathW
ExtractAssociatedIconW
ShellExecuteA
DragQueryFileW
ord74

user32

DestroyMenu
CreatePopupMenu
KillTimer
SetTimer
GetKeyState
RegisterClassW
CallWindowProcW
wsprintfW
AttachThreadInput
GetWindowThreadProcessId
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
PostMessageW
DefWindowProcW
UnregisterClassW
RegisterClassExW
CreateWindowExW
DestroyWindow
SetFocus
GetFocus
GetWindowTextW
GetWindowLongW
SetWindowLongW
EnumWindows
AppendMenuW
ReleaseDC
TrackMouseEvent
GetMessagePos
GetMessageTime
GetMessageExtraInfo
SendMessageW
IsWindow
IsChild
ShowWindow
UpdateLayeredWindow
SetLayeredWindowAttributes
SetWindowPos
GetWindowPlacement
IsWindowVisible
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
GetActiveWindow
GetAsyncKeyState
GetKeyboardState
ToUnicode
MapVirtualKeyW
GetCapture
SetCapture
TrackPopupMenu
SetMenuInfo
SetMenuItemInfoW
GetDC
ReleaseCapture
GetSystemMetrics
GetSystemMenu
EnableMenuItem
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
GetUpdateRgn
InvalidateRect
GetClassNameW
GetWindowInfo
EnumDisplayMonitors
GetMonitorInfoW
SystemParametersInfoW
RedrawWindow
SetWindowTextW
GetClientRect
GetWindowRect
MessageBeep
SetCursorPos
SetCursor
GetCursorPos
CreateCaret
DestroyCaret
ShowCaret
SetCaretPos
ScreenToClient
WindowFromPoint
GetDesktopWindow
GetParent
EnumChildWindows
FindWindowW
FindWindowExW
LoadCursorW
DestroyCursor
DestroyIcon
CreateIconIndirect
MapWindowPoints
GetWindowTextLengthW

kernel32

IsProcessorFeaturePresent
GetCPInfo
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
ResetEvent
GetSystemTimeAsFileTime
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
UnhandledExceptionFilter
GetStartupInfoW
InitializeSListHead
RtlUnwind
InterlockedFlushSList
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
WriteConsoleW
LoadLibraryExW
GetTimeZoneInformation
CreateThread
ExitThread
RaiseException
FreeLibraryAndExitThread
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
GetFileType
FlushFileBuffers
GetFileAttributesW
GetFileAttributesExW
ReadFile
SetEndOfFile
SetFilePointer
WriteFile
GetTempPathW
IsDebuggerPresent
OutputDebugStringW
CloseHandle
SetUnhandledExceptionFilter
GetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
SetEvent
WaitForSingleObject
CreateEventW
Sleep
GetCurrentProcess
ExitProcess
TerminateProcess
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
TerminateThread
SetPriorityClass
GetSystemDirectoryW
FreeLibrary
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
LoadLibraryW
SetThreadAffinityMask
FormatMessageW
GetLocaleInfoW
GetCommandLineW
GetCurrentProcessId
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
MultiByteToWideChar
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceW
GetTickCount
GetVersionExW
LoadLibraryA
GlobalFree
FindResourceA
HeapAlloc
HeapFree
HeapReAlloc
GetStdHandle
CompareStringW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsValidCodePage
GetACP
GetOEMCP
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
GetFileSizeEx
SetFilePointerEx
SetStdHandle
FindFirstFileExW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
HeapSize
FindNextFileW

gdi32

CreateBitmap
CombineRgn
GetKerningPairsW
GetTextMetricsW
SetMapMode
SetMapperFlags
SelectObject
RemoveFontMemResourceEx
CreateRectRgn
GetOutlineTextMetricsW
GetGlyphOutlineW
GetDeviceCaps
DeleteObject
DeleteDC
CreateFontIndirectW
CreateCompatibleDC
SetBkColor
CreateSolidBrush
SetTextColor
CreateRectRgnIndirect
ExcludeClipRect
RestoreDC
GetRegionData
SaveDC
StretchDIBits
CreateDIBSection
AddFontResourceExW
GetGlyphIndicesW

ole32

DoDragDrop
RevokeDragDrop
RegisterDragDrop
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoCreateInstance
GetHGlobalFromStream

winmm

timeGetTime
timeBeginPeriod

imm32

ImmReleaseContext
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCandidateWindow
ImmGetContext

gdiplus

GdipGetGenericFontFamilySansSerif
GdipGetEmHeight
GdipGetCellAscent
GdipGetCellDescent
GdipGetLineSpacing
GdipCreateFont
GdipDeleteFont
GdipGetFamily
GdipGetFontStyle
GdipGetFontSize
GdipGetFontHeightGivenDPI
GdipDrawString
GdipMeasureString
GdipDeleteBrush
GdipCloneBrush
GdipSetMatrixElements
GdipGetImageGraphicsContext
GdipDeleteFontFamily
GdipCreateMatrix
GdipFillPath
GdipGetPathWorldBounds
GdipTransformPath
GdipAddPathString
GdipAddPathEllipse
GdipAddPathRectangle
GdipAddPathBezier
GdipAddPathArc
GdipAddPathLine
GdipGetPathLastPoint
GdipClosePathFigure
GdipStartPathFigure
GdipSetPathFillMode
GdipDeletePath
GdipClonePath
GdipCreatePath
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipCreateFontFamilyFromName
GdipSetClipRect
GdipCreateMatrix2
GdipFillEllipse
GdipFillPolygon
GdipFillRectangle
GdipDrawPath
GdipDrawPolygon
GdipDrawEllipse
GdipDisposeImage
GdipCloneImage
GdipSetPenDashArray
GdipSetPenDashOffset
GdipDrawImageRectRectI
GdipDrawRectangle
GdipDrawLine
GdipGetDpiY
GdipSetPageUnit
GdipGetWorldTransform
GdipTranslateWorldTransform
GdipSetWorldTransform
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHWND
GdipCreateFromHDC
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateSolidFill
GdipGetImageWidth
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipIsVisiblePathPoint
GdipGetImageHeight
GdipSetPenDashStyle
GdipSetPenColor
GdipSetPenLineJoin
GdipSetPenLineCap197819
GdipSetPenWidth
GdipDeletePen
GdipCreatePen1
GdipGetPathGradientPointCount
GdipSetPathGradientCenterPoint
GdipSetPathGradientSurroundColorsWithCount
GdipSetPathGradientCenterColor
GdipCreatePathGradientFromPath
GdipSetLinePresetBlend
GdipCreateLineBrush
GdipDeleteMatrix
GdipSetSolidFillColor
GdipCreateBitmapFromResource
GdipCreateHBITMAPFromBitmap

Exports

Exports

VSTPluginMain
main

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 495KB - Virtual size: 494KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e7f9a29f2c85394521a08b9f31f6275

Code Sign

0d:8e:39:4f:36:06:1f:ef:36:de:c5:2c:04:f6:03:33Certificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

69:2f:88:79:51:57:e2:b0:97:9d:6f:e7:7b:1e:15:3f:ae:8e:e2:6cSigner

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

ole32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 172KB

.ndata Size: - Virtual size: 180KB

.rsrc Size: 34KB - Virtual size: 33KB

6e7f9a29f2c85394521a08b9f31f6275

Code Sign

0d:8e:39:4f:36:06:1f:ef:36:de:c5:2c:04:f6:03:33Certificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

6f:a8:b9:c8:32:e8:79:98:71:f4:61:da:14:f6:78:2e:0c:f1:55:47Signer

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

ole32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 172KB

.ndata Size: - Virtual size: 180KB

.rsrc Size: 34KB - Virtual size: 33KB

fc0224e99e736751432961db63a41b76

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

0d:8e:39:4f:36:06:1f:ef:36:de:c5:2c:04:f6:03:33
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

69:2f:88:79:51:57:e2:b0:97:9d:6f:e7:7b:1e:15:3f:ae:8e:e2:6c
Signer

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 172KB

.ndata
Size: - Virtual size: 180KB

.rsrc
Size: 34KB - Virtual size: 33KB

0d:8e:39:4f:36:06:1f:ef:36:de:c5:2c:04:f6:03:33
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

6f:a8:b9:c8:32:e8:79:98:71:f4:61:da:14:f6:78:2e:0c:f1:55:47
Signer

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 172KB

.ndata
Size: - Virtual size: 180KB

.rsrc
Size: 34KB - Virtual size: 33KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1024B - Virtual size: 867B

.data
Size: 512B - Virtual size: 120B

.reloc
Size: 1024B - Virtual size: 648B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 638B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1024B - Virtual size: 867B

.data
Size: 512B - Virtual size: 120B

.reloc
Size: 1024B - Virtual size: 648B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 220B

.reloc
Size: 512B - Virtual size: 460B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB